Security Assessment at Appalachian State University

Posted on 30, May | Posted by RMA

The specific objective of this project was to provide the University with a “snapshot” of the existing security program in place at the BB Dougherty Administration Building, any gaps in the program, and potential responses to the gaps identified. Security policy, procedures, systems and organization were examined for level of technology, appropriate application, and the efficiency and effectiveness of deployment. Consultants prepared specific recommendations to address the deficiencies or gaps identified. Recommendations addressed each threat/vulnerability in a practical and pragmatic manner.

Appalachian State University is nestled in the Blue Ridge Mountains of North Carolina. Appalachian State University offers a challenging academic environment, energetic campus life and breathtaking location. Appalachian combines the best attributes of a small liberal arts college with those of a large research university. Known for its value and affordability, Appalachian enrolls about 17,000 students and offers more than 150 undergraduate and graduate majors. Small classes and close interactions between faculty and students create a strong sense of community, which has become an Appalachian hallmark. Appalachian, located in Boone, N.C., is one of 16 universities in the University of North Carolina system.


NC companies’ secrets at risk, cyber terrorism experts say

Posted on 22, Jul | Posted by RMA

In this day and age, sometimes it is difficult to discern truth from fiction. Greg Baker is an expert in the area of cyber terrorism and a leader in developing public/private relationships that work. In the later years of his career with the FBI, he was the face of InfraGard North Carolina.

InfraGard is an information sharing and analysis effort serving the interests and combining the knowledge base of a wide range of members. At its most basic level, InfraGard is a partnership between the Federal Bureau of Investigation and the private sector. InfraGard is an association of businesses, academic institutions, state and local law enforcement agencies, and other participants dedicated to sharing information and intelligence to prevent hostile acts against the United States.

We recommend this article on cyber terrorism and data theft. Both Greg Baker and Ryan Johnson provide good insight on the problem and steps that can be taken to lessen the possibility of your company becoming a victim of this costly crime. Take stock of what your company should do to enhance the security surrounding its sensitive and important data. Do some research and don’t be afraid to ask questions. It can be beneficial to have someone from the outside review and analyze the strengths and weaknesses of your company’s network and provide advice on what steps can be taken to secure your company network, systems, and data.

Whether or not a company works on classified contracts, it is at risk of cyber terrorism. Most of the time, companies do not even realize that they may be a target. No one wants to find out that their systems have been compromised, but most either have or will be. How does your company address its cyber vulnerabilities?

Read the original article here.

Meat, tobacco, furniture and surgical products are just a few of the North Carolina exports booming in the Chinese market. North Carolina businesses’ secrets are also in high demand overseas, and cyber terrorism experts say many companies are not doing enough to fend off hackers.


Situational Awareness Information Bulletin

Posted on 29, Jan | Posted by RMA

Between December 26, 2012 and January 10, 2013, the below identified subject was able to breach security at two identified private sector facilities and two Government facilities in the Raleigh/Durham/Chapel Hill area.

Joseph Dean Hill
Aliases: Mark, Mark Johnson, Joseph Turnag

The identified subject was observed operating a black Nissan Pathfinder with NC plate BEK-9106 in two of the incidents. The subject also has a 2004 Nissan Maxima registered in DMV with NC plate XNM-6071.

It is believed he piggy-backed off employees and/or used social engineering techniques to gain access to secure areas. In each incident, the subject gave Security false names and explanations for his presence at their facility. During each encounter, the subject was confronted by Security and escorted off the premises.

The subject has been subsequently confronted by local, state and federal law enforcement about these incidents at which time he could not provide a credible explanation for his actions.

If your agency has information that this subject has made attempts or succeeded in breaching security at other facilities in your jurisdiction, please contact the NC Information Sharing and Analysis Center (ISAAC) at 919-716-1111, or by email at

Items in Cars – Asking for Trouble

Posted on 10, Dec | Posted by Teresa Ivey

What concerns me is how individuals will leave GPS, phones, iPods, purses, money, and other items of value in their cars – in plain view. They may say, “well, I don’t have anything in my purse” or “my GPS is old.” Someone just walking by your car does not know that the purse may be empty or the GPS may not work – all they are thinking about is getting in, grabbing something, and getting out quickly!

Then the recovery process and headaches for the owner begin. The thief breaks the window to get in, steals something, and possibly does other damage to the vehicle. You have to call your insurance company, file a claim (your insurance may or may not go up), schedule to have repairs done to vehicle, take time to have your vehicle repaired, take time off work – not to mention all the headaches if a credit card was stolen. By just leaving something out where it can be easily seen, you are asking for trouble.

Remove all objects from view whenever you leave your vehicle. Always, always lock your doors – even in your own driveway. There have been so many break-ins while the vehicle is parked in someone’s driveway.

It’s sad that we have to live like this, but we all need to understand that things are different than years ago.


Access Control – Keys to the Building

Posted on 8, Nov | Posted by Kevin M. McQuade, CPP

As most of us know, an access card or credential is a key to gain entry to a parking lot, building, or other secured space.

Why then do so many people leave their card in their car after work?

Some even hang them from their mirror. When I ask, the response I usually get is “it is more convenient and I know where it is at all times.” I have even heard security personnel within an organization say that they have two or more cards in a system and that they leave one in the car at all times as a spare.


This may be okay if you carry a plain card with no company logo or markings on it indicating where you work, but the cards that do have some information on them could be taken and abused probably before you even know that they are missing.

Access cards need to be treated just like a key to your house.

I don’t think most people would leave their house keys hanging from the rear view mirror.


Digital Message Resonance and Its Impact on Economic Advantage

Posted on 25, Apr | Posted by Christine L. Peterson, CPP, ISP

Using Social Media Monitoring and Analytics to Protect Human Capital, Company Property, and Your Brand

Social Media is a relatively new term that has become ingrained in our consciousness and language, but do you know what it means or encompasses? If you answered no, then you are in the majority. Everyone talks about Social Media, but few really understand it. Here is what Wikipedia, itself a social media site, has to offer us on the subject:

Definition: Social media includes web-based and mobile technologies used to turn communication into interactive dialogue. Andreas Kaplan and Michael Haenlein define social media as “a group of Internet-based applications that build on the ideological and technological foundations of Web 2.0, and that allow the creation and exchange of user-generated content.” (Source: Wikipedia)

As the Wikipedia authors explain, social media interaction is not just conversation: it is the “super-set” of social dialogue. Social media is not news – it is a data set that describes public consciousness. “Enabled by ubiquitously accessible and scalable communication techniques, social media has substantially changed the way organizations, communities, and individuals communicate.” (Source: Wikipedia)

The Forms of Social Media

As the experts have outlined the subject, social media technologies take on many different forms including magazines, Internet forums, weblogs, social blogs, microblogging, wikis, podcasts, photographs or pictures, video, rating and social bookmarking. By applying a set of theories in the field of media research (social presence, media richness) and social processes (self-presentation, self-disclosure) Kaplan and Haenlein created a classification scheme for different social media types in their Business Horizons article published in 2010. According to Kaplan and Haenlein there are six different types of social media: collaborative projects (e.g., Wikipedia), blogs and microblogs (e.g., Twitter), content communities (e.g., YouTube), social networking sites (e.g., Facebook), virtual game worlds (e.g., World of Warcraft), and virtual social worlds (e.g. Second Life). Technologies include blogs, picture-sharing, vlogs, wall-postings, email, instant messaging, music-sharing, crowdsourcing and voice over IP, to name a few. Many of these social media services can be integrated via social network aggregation platforms.

What Does Social Media Mean To You?

Social media has changed and continues to change the world as we know it. Is that true? Let’s consider the facts:

| Service | Users or members | Content, data, or usage |
|---|---|---|
| Facebook | 845 million active users | 50% log in on any given day |
| Twitter | 140 million users; 460,000 join daily | 340 million tweets daily |
| LinkedIn® | 150 million registered users | Roughly 2 new members every second |
| YouTube™ | 800 million unique users per month | Over 4 billion videos are viewed a day |
| Flickr® | 51 million registered members | More than 6 billion images |
| Google+™ | 25 million users | About 1 million visits per week |
| Wikipedia® | 16 million users, 300,000 editors | Hosts 19 million articles |

Data current as of April 2012.

Including the thousands of other chat rooms, blogs, forums, newsgroups, and user groups, there are millions of additional social media users around the world. The people who are utilizing social media are your employees, customers, competitors, family, friends, activist groups, governments, and others. This technology is so powerful that it is used for everything from keeping in touch with friends to starting revolutions.

In this white paper we will discuss the state-of-the-art technology and tools that monitor social media for business intelligence purposes, including but not limited to the identification and monitoring of threats to the business and its personnel. Some organizations have already begun to harness the power of this technology in an attempt to exploit a market that is more often than not misunderstood.

While Google Alerts™, Google Web Search™, and low-level social media monitoring tools are of some use as a research aid in risk management, the most professional tools in this area are highly advanced and focus on analyzing information in near real-time from sources on the web.

Why are you in business?

As a business manager or owner, your business exists today because your customers’ expectations are in alignment with the value proposition or economic advantage that they expect to receive as part of the transaction with your firm. What is your value proposition or economic advantage?

  • Proprietary information (secret sauce)
  • Intellectual property
  • Customer/project information
  • Plans and specifications (marketing, R&D, financials)
  • Logistics
  • Human capital, “talent and experience”
  • Brand and reputation
  • Partners and suppliers
  • Physical assets

We know that businesses are leaking economic advantage every day through elicitation and social engineering, the exploitation of cyber vulnerabilities, and internal and external theft and sabotage. Traditionally, leakage has been in the form of a verbal, written, or e-mail disclosure which can and does wreak havoc for businesses every day. The new paradigm of leakage uses social media to communicate a message to an exponentially larger audience at the touch of a button. This is digital message resonance – or the ability of a message to continue propagating or resonating across the Internet and social media sphere long after the initial message was sent. Leakage in the traditional sense can have devastating effects, but it moves slower and is easier to track and contain. In the new era of digital message resonance, a single message can be transmitted to literally millions of people around the globe in a matter of seconds or minutes.

[Figures: Traditional Model of Leakage; New Paradigm of Leakage]

As a security, HR, marketing, management, or finance professional, you may believe that a comprehensive security and compliance program utilizing traditional methods of perimeter control, access control, lighting, casual surveillance, security communications, identification, accountability, and training should apply to this new threat. To that, we would also agree – to a point. The traditional tools are critical to the protection of economic advantage and company assets. We would also assert that the world has changed. There are additional security threats and tools to mitigate those threats, but they are cutting-edge and have to remain dynamic. Can your business afford to take a “wait and see” position with respect to social media?

Beyond Monitoring: The Next Step

Social Media Business Intelligence, as applied to business groups, refers to the tools and practices used by organizations to aggregate social media data, gathered via social media monitoring tools and social analytics engines, with existing data and integrate with systems of records and real-time analytics engines. The results are actionable insights that provide businesses with new information on their customers, products, competitors, employees, and even their marketing campaigns that can be used to protect assets and economic advantage while improving the value proposition offered to customers and potential customers. Using this information to proactively predict and anticipate customers’ needs while protecting assets in near “real time” is the value of Social Media Business Intelligence.

The RMA solution allows you to scour the web for mentions of your company and effectively analyzes, processes, and stores this data to implement it with existing business processes. It enables businesses to harness the power of social media to support corporate compliance, current threat intelligence, operational security, and event security. At the same time, this information will assist management across departments and divisions to better understand their “value add” proposition with their customers, employees, vendors, and community as it relates to their economic advantage.

The RMA solution uses social media business intelligence software to monitor what people are saying about your business in social media, primarily for the purpose of anticipating and mitigating security threats before they occur and for responding to security related issues effectively and efficiently to minimize losses and maximize productivity. At the same time, it can also be used to monitor what people are saying about your brand, industry, and competition.

The RMA solution uses intelligence gathering software that computes dozens of dimensions including sentiment, passion, volume, and much more. It provides access to business intelligence that will allow you to lead – not follow – the conversation and fix those small issues before they grow into big problems.


Social media and web-based analytics provide powerful tools to conduct 24/7 monitoring of existing and emerging threats for Risk Management Associates, Inc. clients.

The RMA solution provides “cutting-edge” scalable technology and analytics. Technology cannot replace training and experience, but it does create an effective method of gathering pertinent information quickly that can be validated and/or discounted effectively.

Your business can then harness the power of social media to manage corporate compliance, current threat intelligence, operational security, and event security.

Data gathered can be communicated for application across departments and divisions. The RMA solution provides current intelligence that has applicability in multiple departments and divisions within the organization. This provides a better understanding of the “value add” proposition with their customers, employees, vendors, and community as it relates to economic advantage.

The RMA solution uses intelligence gathering software that provides clients with an additional tool to protect and demonstrate compliance in this age of digital resonance. Economic advantage, like reputation, is elusive and, once lost, very difficult to reclaim. The RMA solution provides an additional tool and layer of security. It provides access to current business intelligence that allows leaders to lead – not follow – the conversation, fix those small issues before they grow into big problems, and preserve evidence that has a short life span.

Risk Management Associates, Inc. utilizes the best technology and the best practices in web-based and social media monitoring, analysis and business intelligence. We look forward to answering any questions you may have about the topics presented in this paper or other security issues that are important to you.


Clear Your Google Web History

Posted on 25, Feb | Posted by Russell W. Gilmore, CISSP, CISM, EnCE

On March 1, 2012, Google will implement a new privacy policy. This new policy will affect any data Google has collected on you prior to that date, along with data collected from then on. Under the new policy, your Google Web History can be combined with other data Google has gathered about you from services like Gmail, Google+, and others. What has changed is that your search history was previously kept separate but will now be combined with other data to make the information more complete. This change will only affect users with Google Accounts.

Clear Your Google Web History

If you’ve been to Google’s homepage lately – and the chances you have are astronomical – you may have noticed a little announcement mentioning something about changes in Google’s privacy policy. You then probably ignored it – but you shouldn’t.

On March 1st, 2012, Google will implement a new, unified privacy policy. The new policy is retroactive, meaning it will affect any data Google has collected on you prior to that date, as well as any data it gathers afterward. The official Google Blog has more details on what the new privacy policy means. But what does all of this legal jargon mean practically? Basically, under the new policy, your Google Web History (all of your searches and the sites you clicked through to) can be combined with other data Google has gathered about you from other services – Gmail, Google+, etc.

Previously Google kept your search history separate, which means that its profile of you was less complete. If you’d like to keep your personal data a good distance away from Google, you’ll need to delete your existing search history and prevent Google from using that history in the future.

The Electronic Frontier Foundation (EFF) has more details on why you might want to turn off Google’s Web History feature.

Privacy policies are ubiquitous, yet often highly irrelevant to the typical user; in this case, however, a little time spent changing your settings can provide invaluable peace of mind knowing that Google can’t exploit your personal tendencies for its own purposes. Convinced yet? Read on for our guide to locking down your web history.

This how-to was written by Scott Gilbertson, a writer and web developer living in Athens, Georgia.

Wiping your History
First sign into your Google account and head to the history page. Click the button labeled Remove all Web History. Then click Okay to confirm. Note that this also pauses your web history going forward, and Google won’t start listening to your history again unless you let it.

Caveats and Considerations
This will not stop Google from gathering data when you search. To do that you would need to block Google cookies completely. However, while it will still gather the data, Google will not use it to serve targeted ads or do anything other than use it for internal purposes. Also, with Web History disabled, your data is at least partially anonymized after 18 months (if you leave Web History on, Google will keep your search records indefinitely).

On the negative side, bear in mind that while this won’t prevent Google from making search suggestions, it will prevent you from getting personalized suggestions based on your previous searches.

In case you do want to take this a step further and block Google from gathering any sort of data from you, you’ll have to get a cookie/script blocking browser add-on, such as Ghostery. For more tips on keeping out of Google’s all-seeing eyes, check out our piece on hiding from Google.


Chinese hackers breached Nortel for years

Posted on 15, Feb | Posted by RMA

Why is your company in business? You’re probably thinking, “That is obvious. We provide a superior product or service that our customers need.” This leads to three key questions:

Do you know what your economic advantage looks like?
Are you protecting your economic advantage adequately?
How early can you identify leaks and do you have a plan to stop the leakage?

If you are a business that is even talking about this, you are ahead of the curve. Too often, as in the case of Nortel Networks, leaks can continue for years. Once Pandora’s Box has been opened, it is almost impossible to undo the damage. In this economic climate, most business resources are focused on delivering products and services and not on protecting the elements that provide the economic advantage and ultimate return on investment. We are a global market, and as such businesses aren’t just competing with the business across town but with businesses across the world. The competition has never been tougher, and pricing is king.

If it could happen so easily to a once “cutting edge” high tech company like Nortel Networks, one has to ask: how are you protecting your economic advantage?

  • Proprietary information
  • Intellectual property
  • Customer or project information
  • Plans and specifications
  • Logistics
  • Human capital
  • Brand and reputation

  • Report: Chinese hackers breached Nortel for years
    By WRAL Tech Wire

    Research Triangle Park, N.C. — Bankrupt Nortel Networks, which once employed thousands of people in the Triangle, was hacked for years at the highest levels of the company, The Wall Street Journal reported Tuesday.

    “Using seven passwords stolen from top Nortel executives, including the chief executive, the hackers – who appeared to be working in China – penetrated Nortel’s computers at least as far back as 2000 and over the years downloaded technical papers, research-and-development reports, business plans, employee emails and other documents, according to Brian Shields, a former 19-year Nortel veteran who led an internal investigation,” The Journal said.

    Reporter Siobhan Gorman said the hackers had access for “nearly a decade, hackers enjoyed widespread access to the corporate computer network.”

    The Washington Post, citing the WSJ story, added that “former Nortel CEO Mike Zafirovski said that the company did not believe the hacking was a ‘real issue’ and that Nortel did not feel compelled to pass its knowledge of the hacks to potential buyers.”

    According to the Post, Nortel “discovered the hackers in 2004, after an employee noticed some unusual downloads being made in the name of an executive.”

    The Nortel employee that led the probe told The Journal that the hackers were using China-based Internet addresses. He said Nortel decided to ignore his recommendations to enhance network security.

    Nortel is now in the process of liquidating all its assets.

    Read The Journal report here. (Subscription required)
    Read The Post report here.


State of the State: North Carolina Intelligence Community

Posted on 18, Jan | Posted by RMA

Think of security as a three-legged stool. If you remove any of the legs the stool will not stand. The legs of the security stool are a motivated opportunist, access to an asset, and the perception by the opportunist that they have a “good” chance of being successful in gaining the asset. As a security consulting firm, Risk Management Associates, Inc. is too often brought in after the gap in security (access to an asset) has been exploited and the resulting damage has been noticed. That is important because it means that not only has the company been victimized and assets lost, but the losses can go back months and even years undetected. This is true whether we are talking about physical or intellectual assets.

RMA has been providing security consulting services to the federal government for over ten years and to commercial customers for twenty-four years. In 1988 when the business began, most assets were hard assets or company intelligence that could be secured in a safe/vault or behind a series of physical barriers. Access to these assets could easily be restricted. That is not the case in 2012, and it hasn’t been for a decade. Today, critical national and commercial assets include intellectual assets that can be accessed from almost anywhere in the world through the Internet. The key to protecting those assets is awareness. Those of us who are industrial contractors to the federal government are held to a higher standard of awareness and training of both cleared and uncleared employees, but we think that SSA Tim Stranahan’s message is a good reminder to all of us.

Message from Tim Stranahan
Happy Holidays from all the members of the North Carolina Intelligence Community! This past year has been incredible for Counterintelligence efforts in North Carolina. Your vigilance has helped advance covert intelligence operations which continue to truly make a difference globally. Thank you for your calls and emails and please keep them coming!

Though everyone is certainly being targeted for exploit, I continue to be concerned about the amount of counterintelligence work we have in the Raleigh-Fayetteville area. Throughout 2011, we experienced significant financial losses attributed to Economic Espionage and the theft of our Intellectual Property. Predominantly, these losses have been the result of intrusions against company networks where foreign actors have exfiltrated sensitive and valuable information. I am certain you will continue to be targeted throughout this next year and encourage you to take advantage of the talented IC partners who are dedicated to help protect you, your employees, and your information and technologies.

I am convinced CI-Cyber investigations will accelerate in 2012 and reach well beyond our CDCs and impact our R&D and critical infrastructure. It is imperative we protect our technological edge and recognize threats to our business and employees. Please engage your IT staff and understand your vulnerabilities and have a crisis management response plan in place in the event you are a victim. As mentioned by the FBI Assistant Director for Cyber: “It’s easy for somebody, given enough time, energy, and funding, to penetrate any system that is accessible from the Internet. There really is no secure system out there.”

Not certain where to start? Talk to our RED DART team! (see below)

Select highlights for 2011:

  • Espionage subject sentenced to 34 years in prison: Bryan Minkyu Martin, a U.S. Navy intelligence specialist assigned to Ft. Bragg was convicted of attempted espionage for trying to sell classified information to an FBI undercover. He was sentenced to 34 years in prison and received a dishonorable discharge. This highly sophisticated operation was completed in less than 40 days! Great joint operation by your NC Intelligence Community partners!
  • The NC IC partners have started the RED DART initiative. This joint effort is led by NCIS and pulls talent from DSS, AFOSI, Army 902nd, HSI, and the FBI. RED DART is designed to help educate companies in and around the Raleigh-Fayetteville area regarding foreign intelligence threats. Please contact me if you would like your company to have representatives from the RED DART team stop by.
  • Cleared Defense Contractor conference-March 2012 (Day to be set): The FBI and the NC Intelligence Community will host a Cleared Defense Contractor conference in Fayetteville which will focus on Counterintelligence and Cyber. Expect additional details mid-January along with agenda. Those attending will need an active security clearance. Please contact me if you have any questions or suggestions.
  • New FBI agent to be assigned to Fayetteville: SA Courtney McMillan will arrive on January 3rd and her priority will be to establish a relationship with folks around the Fayetteville area to ensure you get the intelligence information you need to protect those technologies which make the U.S. great! Look for her to reach out to you soon!

SSA Timothy M. Stranahan
FBI, Counterintelligence Program
Charlotte Division
704-672-6550 office


FBI says hackers hit key services in three US cities

Posted on 21, Dec | Posted by Billy Gordon Green, Jr. M.Ed., CPP, CHS

Everybody is preoccupied with chemical, biological, radiological, and nuclear devices (CBRNE) and vehicle-borne improvised explosive devices (VBIED) while the hackers are practicing to really take us down hard. In our opinion, this is the new “front line” in security and counterterrorism.

How do we get the great unwashed to understand that passwords are not just there as a nuisance?

Gives a whole new meaning to “Revenge of the Nerds,” doesn’t it?

NSI Security News Watch – December 15, 2011
FBI says hackers hit key services in three US cities

The infrastructure systems of three US cities have been attacked, according to the Federal Bureau of Investigation.

At a recent cybersecurity conference, Michael Welch, deputy assistant director of the FBI’s cyber division, said hackers had accessed crucial water and power services. The hackers could theoretically have dumped sewage into a lake or shut off the power to a shopping mall, he said. Industrial control systems are becoming an increasing target for hackers.

‘Ego trip’
“We just had a circumstance where we had three cities, one of them a major city within the US, where you had several hackers that had made their way into Scada systems within the city,” Mr. Welch told delegates at the Flemings Cyber Security conference.

“Essentially it was an ego trip for the hacker because he had control of that city’s system and he could dump raw sewage into the lake, he could shut down the power plant at the mall – a wide array of things,” he added. Such systems – commonly known as Supervisory Control and Data Acquisition (Scada) – are increasingly being targeted by hackers, following reports that they rely on weak security.

It follows two alleged break-ins to city water supplies. The first, to a water supply in Springfield, Illinois, was later played down by the FBI which said it could find no evidence of cyber-intrusion. Initially it had thought a hardware fault was caused by Russian hackers but it later emerged that this was not the case.

In another attack a hacker named pr0f claimed to have broken into a control system that kept water supplied to a town in Texas. The hacker said the system had only been protected by a three-character password which “required almost no skill” to get around. Mr. Welch did not confirm whether this breach was one of the three he was talking about.

Default passwords
Security experts predict there will be a rise in such attacks.

“Such systems have become a target partly because of all the chatter about the lack of security. Hackers are doing it out of curiosity to see how poorly they are protected,” said Graham Cluley, senior security consultant at Sophos. He said that many relied on default passwords, and information about some of these passwords was “available for download online”.

Furthermore the firms that run Scada systems, such as Siemens, often advise against changing passwords because they claim the threat from malware is not as great as the problem that will be caused if passwords are changed.

“Not changing passwords is obviously slightly crazy. Proper security needs to be in place otherwise it is laughable,” said Mr. Cluley.

24-hour surveillance
Industrial-scale hacking hit the headlines in 2010 with news of a worm aimed at Iran’s nuclear facilities. Stuxnet was widely rumoured to have been developed by either the US or Israeli authorities and, according to experts, was configured to damage motors used in uranium-enrichment centrifuges by sending them spinning out of control. Iran later admitted that some of its centrifuges had been sabotaged although it downplayed the significance of Stuxnet in that.

This year a Stuxnet copycat, Duqu, was discovered by security experts. Initial analysis of the worm found that parts of Duqu are nearly identical to Stuxnet and suggested that it was written by either the same authors or those with access to the Stuxnet source code. Unlike Stuxnet it was not designed to attack industrial systems but rather to gather intelligence for a future attack.

Mr. Welch also revealed at the conference that, to date, the FBI’s cyberteam had worked a 9 to 5 day. He said that a 12% increase in its budget would mean the team could now expand and begin monitoring cyberthreats around the clock.
